{{Top_10_2010:TopTemplate|useprev=2010PrevLink|usenext=Nothing|prev=Notes About Risk}}

−

+

{{Top_10_2010:SubsectionColoredTemplate|Top 10 Risk Factor Summary|

{{Top_10_2010:SubsectionColoredTemplate|Top 10 Risk Factor Summary|

The following table presents a summary of the 2010 Top 10 Application Security Risks, and the risk factors we have assigned to each risk. These factors were determined based on the available statistics and the experience of the OWASP team. To understand these risks for a particular application or organization, <b><u>you must consider your own specific threat agents and business impacts</u></b>. Even egregious software weaknesses may not present a serious risk if there are no threat agents in a position to perform the necessary attack or the business impact is negligible for the assets involved.

The following table presents a summary of the 2010 Top 10 Application Security Risks, and the risk factors we have assigned to each risk. These factors were determined based on the available statistics and the experience of the OWASP team. To understand these risks for a particular application or organization, <b><u>you must consider your own specific threat agents and business impacts</u></b>. Even egregious software weaknesses may not present a serious risk if there are no threat agents in a position to perform the necessary attack or the business impact is negligible for the assets involved.

The Top 10 cover a lot of ground, but there are other risks that you should consider and evaluate in your organization. Some of these have appeared in previous versions of the OWASP Top 10, and others have not, including new attack techniques that are being identified all the time. Other important application security risks (listed in alphabetical order) that you should also consider include:

+

The Top 10 covers a lot of ground, but there are other risks that you should consider and evaluate in your organization. Some of these have appeared in previous versions of the OWASP Top 10, and others have not, including new attack techniques that are being identified all the time. Other important application security risks (listed in alphabetical order) that you should also consider include:

Latest revision as of 00:30, 23 April 2010

The following table presents a summary of the 2010 Top 10 Application Security Risks, and the risk factors we have assigned to each risk. These factors were determined based on the available statistics and the experience of the OWASP team. To understand these risks for a particular application or organization, you must consider your own specific threat agents and business impacts. Even egregious software weaknesses may not present a serious risk if there are no threat agents in a position to perform the necessary attack or the business impact is negligible for the assets involved.

The Top 10 covers a lot of ground, but there are other risks that you should consider and evaluate in your organization. Some of these have appeared in previous versions of the OWASP Top 10, and others have not, including new attack techniques that are being identified all the time. Other important application security risks (listed in alphabetical order) that you should also consider include: